package com.xiguthings.waka.shiro.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.web.filter.authc.AuthenticationFilter;



public abstract class BaseCostermAuthenticationFilter extends AuthenticationFilter {
	public static final String TOKEN = "token";

	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {

//		HttpServletRequest req = (HttpServletRequest) request;
//		HttpServletResponse rep = (HttpServletResponse) response;
//		String token = VerifyFilterUtils.getToke(req);
//		if (StringUtils.isNotBlank(token)) {
//			if (isAccess(token, req, rep)) {
//				return onAccessSuccess(req, rep, token);
//			}
//			return onAccessFail(req, rep, token);
//		}
//		return onAccessFail(req, rep, token);
		return false;
	}

	/**
	 * 判断token的合法性
	 * 
	 * @param token
	 * @return
	 */
	public abstract boolean isAccess(String token, HttpServletRequest request, HttpServletResponse response);

	/**
	 * 认证成功进行的操作处理
	 * 
	 * @param request
	 * @param response
	 * @return true 继续后续处理，false 不需要后续处理
	 */
	public abstract boolean onAccessSuccess(HttpServletRequest request, HttpServletResponse response, String token);

	/**
	 * 认证失败时处理结果
	 * 
	 * @param request
	 * @param response
	 * @return true 继续后续处理，false 不需要后续处理
	 */
	public abstract boolean onAccessFail(HttpServletRequest request, HttpServletResponse response, String token);
}
